/*
 * 
 *
 * 
 * 
 */
package com.dp.service.impl3;


import java.util.ArrayList;
import java.util.List;
import java.util.Vector;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
import org.apache.log4j.MDC;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;


import com.dp.util.BaseBean;
import com.dp.util.DataMap;
import com.dp.util.MD5;

@Service
@Transactional
public class ValidBeanImpl extends BaseImpl {
	
	private static final Logger log = Logger.getLogger(ValidBeanImpl.class);
    public boolean validLogin(HttpServletRequest request, DataMap hm) {
       

        HttpSession sion = null;
      
       
        
        String user_id = null;
        String employee_id = null;
        String auth_tupe = null;
        String role_id = null;
        try {
//            String sql =
//            	" select * "+" from t_user as t1 "+	" where  "+("root".equalsIgnoreCase(hm.getMapData("username"))?"":" can_access=1 and  ")+
//            	" t1.user_id='"+hm.getMapData("username")+"' and t1.user_pwd='"+MD5.StringMD5(hm.getMapData("password"))+"' ";
   

        	String sql = 
            	"select user_id,employee_id,role_id,ctrl_date,user_pwd,auth_tupe,can_access,code" +
            	" " + ("root".equalsIgnoreCase(hm.getMapData("username"))?" from t_user as t1 where ":
            	" from t_user as t1 ,t_roles as tr where t1.can_access=1 and t1.role_id=tr.role_id and ") + "t1.user_id='"+hm.getMapData("username")+"' and t1.user_pwd='"+MD5.StringMD5(hm.getMapData("password"))+"' ";

            log.debug("sql="+sql);
            DataMap hm_userinfo =null;// dbAction.queryOneRow(sql);
            log.debug("hm_userinfo="+hm_userinfo);
            if (hm_userinfo.size() == 0) {
                return false;
            }
            
            sion = request.getSession(false);
            sion.setMaxInactiveInterval(1000*60*10);
            
            auth_tupe = hm_userinfo.getMapData("auth_tupe");
            employee_id = hm_userinfo.getMapData("employee_id");
            user_id = hm_userinfo.getMapData("user_id");
            role_id = hm_userinfo.getMapData("role_type");
            if(role_id.equals("") || role_id == null || role_id.equals("ADMIN"))
            {
            	role_id = null;
            }
            sion.setAttribute("s_user_id", user_id);
            sion.setAttribute("s_employee_id", employee_id);
            sion.setAttribute("s_auth_tupe", auth_tupe);
            sion.setAttribute("s_role_id", role_id);
            sion.setAttribute("s_role_type", hm_userinfo.getMapData("role_type"));
            
            MDC.put("uid", user_id+" ");  
            getAttributeNames(hm,sion);
            getUserAuth(request,true);
        } catch (Exception e) {
            e.printStackTrace();

            return false;
        }

        return true;
    }
    
    public boolean validLoginWap(HttpServletRequest request, String username, String password) 
    {
      
        HttpSession sion = null;
        String user_id = null;
        String role_id = null;
        try {
        	String sql = 
            	"select user_id,employee_id,role_id,ctrl_date,user_pwd,auth_tupe,can_access,code " + ("root".equalsIgnoreCase(username)?" from t_user as t1 where ":
            	" from t_user as t1 ,t_roles as tr where t1.can_access=1 and t1.role_id=tr.role_id and ") + "t1.user_id='"+username+"' and t1.user_pwd='"+MD5.StringMD5(password)+"' ";

            log.debug("sql="+sql);
            DataMap hm_userinfo =null;// dbAction.queryOneRow(sql);
            log.debug("hm_userinfo="+hm_userinfo);
            if (hm_userinfo.size() == 0) {
                return false;
            }
            sion = request.getSession(false);
            sion.setMaxInactiveInterval(1000*60*10);
            user_id = hm_userinfo.getMapData("user_id");
            role_id = hm_userinfo.getMapData("role_type");
            if(role_id.equals("") || role_id == null || role_id.equals("ADMIN"))
            {
            	role_id = null;
            }
            sion.setAttribute("sw_user_id", user_id);
            sion.setAttribute("sw_role_id", role_id);
            sion.setAttribute("s_user_id", user_id);
            sion.setAttribute("s_role_id", role_id);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
        return true;
    }
    
    public  Vector getUserAuth(HttpServletRequest request,boolean reset) {
        HttpSession session = null;
        session = request.getSession(false);
        Vector vAuth = null;
        
//        vAuth=(Vector)session.getAttribute("menu_vAuth");        
//        if(!reset && session!=null&&vAuth!=null)        	return vAuth;
        
        
        vAuth = new Vector();
        ArrayList sAl = new ArrayList();
        ArrayList mAl = new ArrayList();
        List<String> struts2auth=new ArrayList<String>();
        
        int sNum = 0;
        int mNum = 0;
        String user_id = BaseBean.ObjectToString(session.getAttribute("s_user_id"));

        //      查询节点一的信息
        String serviceSql = " select mainmenu_id,mainmenu_name,is_use,is_open,ctrl_date,action,orderid from t_mainmenus where is_use='Y' order by orderid asc";

        //      查询某角色下的某用户拥有的菜单项信息 （可以将该SQL修改后创建为视图，方便查询）
        String moduleSql =
            "select t2.submenu_id,t2.mainmenu_id,t2.submenu_name,t2.ctrl_url,t2.is_use,t2.ctrl_date,t2.target,t2.action,t2.request,t2.orderid " +
            " from t_submenus t2,t_mainmenus t1,t_user_auth ua " +
            "where t2.is_use='Y' and t2.mainmenu_id=t1.mainmenu_id and t2.submenu_id=ua.submenu_id and ua.user_id='" +
            user_id + "' order by t1.orderid asc ,t2.orderid asc";
        

       
       

        try {
           // session = null;
            sAl = this.queryALLResultSet(serviceSql);
            mAl = this.queryALLResultSet(moduleSql);
            sNum = sAl.size();
            mNum = mAl.size();

            
            for (int i = 0; i < sNum; i++) //一级菜单
             {
                Vector vS = new Vector();
                DataMap sHm = (DataMap) sAl.get(i);
                String s_node1_id = sHm.get("mainmenu_id").toString();

                
                boolean isPutService = false;

                DataMap mHm = new DataMap();

                for (int k = 0; k < mNum; k++) //二级菜单
                 {
                    mHm = (DataMap) mAl.get(k);

                    String m_node1_id = mHm.get("mainmenu_id").toString();

                    //String m_node2_id = mHm.get("node2_id").toString();
                    if (m_node1_id.equals(s_node1_id)) {
                        if (!isPutService) {
                            vS.addElement(sHm);
                            isPutService = true;
                        }

                        vS.addElement(mHm);
                        if(mHm.get("ctrl_url")!=null &&mHm.get("ctrl_url").toString().indexOf(".do")>0 )
                        struts2auth.add(mHm.get("ctrl_url").toString());//增加struts2的.do文件权限
                    }
                }

                if (vS.size() > 0)
                {
                	
                    vAuth.addElement(vS);
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        session.setAttribute("menu_vAuth", vAuth); 
        session.setAttribute("struts2auth", struts2auth); 
        
        return vAuth;
    }
    public boolean validLogin(String user_id,String  user_pwd) {
       
       
        try {
           sql = "select count(*) from t_user where user_id=" +
            ObjectToStringDB(user_id) + " and user_pwd=" +
            ObjectToStringDB(MD5.StringMD5(user_pwd));
            return this.getOneInt()>0;

//            DataMap hm_userinfo = dbAction.queryOneRow(sql);
//
//            if (hm_userinfo.size() == 0) {
//                return false;
//            }
        } catch (Exception e) {
            e.printStackTrace();

            return false;
        }

       
    }
    public static boolean verifyLogin(HttpServletRequest request,
            HttpServletResponse response) {
            HttpSession sion = null;
            Object user_id = null;

            try {
                sion = request.getSession(false);
                if(sion==null)
                {
                	sion = request.getSession(true);
                }
                user_id = sion.getAttribute("s_user_id");
                
                
                
                if (user_id == null){
                    //response.sendRedirect("/five/admin?req=err");
                    return false;
                }
            } catch (Exception e) {
                e.printStackTrace();

                return false;
            }
     
            MDC.put("uid", user_id+" ");  
            return true;
     }
    public boolean verifyAuth(HttpServletRequest request) {
            HttpSession sion = null;
            Object user_id = null;
            sion = request.getSession(false);
            user_id = sion.getAttribute("s_user_id");
            if(sion==null)
            {
            	sion = request.getSession(true);
            }
            String querySql="select count(*) from t_submenus as t1 ,t_user_auth as t2 " +
            		"where t1.submenu_id=t2.submenu_id " +
            		"and t2.user_id="+ObjectToStringDB(user_id)+ 
            		"and t1.ctrl_url='"+"menu?request="+request.getParameter("request")+"&action="+request.getParameter("action") +"'";
            		 //"and t1.action="+ObjectToStringDB(request.getParameter("action"))+
            		 //"and t1.request="+ObjectToStringDB(request.getParameter("request"));
            try {
                
//            	DataMap map=new DBOperate().queryOneRow(querySql);
//            	
//            	if(map==null||map.size()==0)
//            		return false;
            		
                return this.getOneInt()>0;
            } catch (Exception e) {
                e.printStackTrace();

                return false;
            }
     
            //MDC.put("uid", user_id+" ");  
          //  return true;
     }
     
}
